From 872d3cea871264eed0159f49fba8621dd357ef1d Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Sat, 1 Apr 2006 18:22:31 +0000
Subject: r14849: Fix >= that should be >. Too strict condition checked by
 Volker. Jeremy. (This used to be commit
 9a763da07385bf9af437cab8dd680f2e13fca3c3)

---
 source3/smbd/ipc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source3/smbd/ipc.c')

diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 77746cb12f5..427b6ae2144 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -509,7 +509,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
 				goto bad_param;
 			if (pdisp > tpscnt)
 				goto bad_param;
-			if ((smb_base(inbuf) + poff + pcnt >= inbuf + bufsize) ||
+			if ((smb_base(inbuf) + poff + pcnt > inbuf + bufsize) ||
 					(smb_base(inbuf) + poff + pcnt < smb_base(inbuf)))
 				goto bad_param;
 			if (params + pdisp < params)
@@ -525,7 +525,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
 				goto bad_param;
 			if (ddisp > tdscnt)
 				goto bad_param;
-			if ((smb_base(inbuf) + doff + dcnt >= inbuf + bufsize) ||
+			if ((smb_base(inbuf) + doff + dcnt > inbuf + bufsize) ||
 					(smb_base(inbuf) + doff + dcnt < smb_base(inbuf)))
 				goto bad_param;
 			if (data + ddisp < data)
-- 
cgit